[tac_plus] PAM and PAP
Morty
morty+tac_plus at frakir.org
Fri Jun 17 06:35:28 UTC 2011
I'm running tacacs+-F4.0.4.19 under Solaris.
I've got users with LOGIN=PAM. This works fine for IOS and the Perl
Authen::TacacsPlus module. It does not appear to work for some other
devices. With debug enabled, the logs show:
Mon Jun 13 21:41:07 2011 [17455]: session.peerip is $IP
Mon Jun 13 21:41:07 2011 [29501]: connect from $hostname [$IP]
Mon Jun 13 21:41:07 2011 [29501]: pap-login query for '$user' 0 from $hostname rejected
Mon Jun 13 21:41:07 2011 [29501]: login failure: $user $hostname ($IP) 0
Google finds a patch for this, but it comes with big caveats:
http://peterton.org/?p=17
Is there a solution for this?
Thanks.
- Morty
More information about the tac_plus
mailing list